Wireless subnet using Windows

I've got a client that is running the DHCP role on their domain controller. They are running a 192.168.1.0/24 network and they are running out of addresses. What they would like to do is move to a /23 network so they have a larger pool of addresses. What needs to be done to convert the /24 to a /23 network on the server? Once the /23 network is set up, do I just need to reconfigure the subnet mask on everything static? A reboot of dynamically assigned hosts will fix their network connections, right?
Joby Jacob, SysAdmin Asked:

Brian BEE Topic Advisor, Independent Technology Professional Commented:
You are on the right track.
A couple of ideas:
- Introduce two DHCP servers (if you are using Windows 2012 or higher, you can make redundant DHCP) to cover DHCP failure.
- Depending on your physical network design, you could also create two separate subnets to help separate traffic.
0
arnold Commented:
What equipment is involved? Changing the subnet requires reconfiguration of all systems and devices.
Introducing another segment with ip helper/DHCP relay agent on that segment with the scope/super scope.....

More detail about the environment could provide additional transparent options.
0
Jimmy Larsson, CISSP, CEH, Network and Security consultant Commented:
I usually recommend not to build larger subnets than /24 for the reason that too many concurrent hosts in the same subnet domain will increase the amount of broadcasts (such as ARP requests) which will increase the baseline load of the network.

200-250 hosts per subnet is a good top value. Growing into 500 concurrent hosts is in my opinion a bad network design, generally speaking.

Of course, re-subnetting will not increase the number of hosts per se, and it's the number of hosts that is the issue, not the number of available addresses.

Just a side note...

/Jimmy
0
Joby Jacob, SysAdmin, Author Commented:
A little more info on the client... Server 2008, possibly 2003. They have 2 sites connected through a site-to-site VPN. Site A is the one running low on available addresses and it is on a 192.168.1.0/24 network. Site B has over 100 available addresses and is on a 192.168.2.0/24.
0
Jimmy Larsson, CISSP, CEH, Network and Security consultant Commented:
You can probably not merge these subnets since the VPN connection is L3, a router hop between them. If you want to extend the 1-network you can change netmask to 255.255.254.0 and now all addresses in the range of 192.168.0.1 up to 192.168.1.254 can be used, without exceptions.
0
arnold Commented:
Separate the wireless to its own segment compared to the wired..

What is the setup there like? What switches are there?
0
Joby Jacob, SysAdmin, Author Commented:
I asked, but they also have some computers on the wifi and some of the sales people possibly need to print from their phones. They have a mix of switches (HP, Netgear, etc) and Secure Computing is their Router/Firewall.
0
arnold Commented:
You could separate the WIFI to its own separate segment. Are the switches managed?
HP is managed and could be used to segment network into two subnets with routing/handling of the connections from the new subnet to existing resources....

dhcp relay agent on the new subnet ..........

The new subnet provides you with a testing option before you roll it out in production by designating a single port on a switch to which your test system will be connected and where you can test the allocation of a new IP from a new scope.
Difficulty runs deals with whether the site to site VPN should include the wireless connected devices.....

Adding the new IP segment to the Router setting up all rights


understanding the environment is paramount to limit minimize a possible impact to functionality
Commonly choosing private IPs in the 192.168.0.0/24 192.168.1.0/24 and 192.168.2.0/24 are .... since these are the IP segments commonly used on RETAIL home routers and often are the cause of VPN issues dealing with IP overlaps.

at the conclusion the available IPs increase. ...
0

masnrock Commented:
You should, at a minimum, be moving wireless for non-corporate devices to a separate subnet that cannot communicate with the corporate subnet. I am willing to bet that staff is bringing in all sorts of unauthorized devices and connecting them to the wireless at Site A. Now if for some reason there are just too many users, then you should be creating other subnets, starting with one for corporate wireless and one for guest wireless. The corporate wireless subnet can still be allowed access to resources on the wired side if set up properly.
0
Craig Beck Commented:
I'd just expand the subnet, as Jimmy said.

If the expansion is due to an increase in wireless clients this won't add much broadcast traffic to the network due to the way APs handle it.
0
Joby Jacob, SysAdmin, Author Commented:
I believe they are running in a Server 2008 environment, so we couldn't even consider the relay option. What we ended up doing is creating another IP Scope. Luckily, they have a router/gateway that will support multiple IPs, so we created a scope of 192.168.3.1 - 192.168.3.254, then added static IPs to the DHCP Server and the Gateway in the 192.168.3.x range. Those IPs were also excluded from the scope to make sure they don't accidentally get distributed. Once this was done, we configured a workstation with a static IP in the 192.168.3.x range and tested pinging the gateway, pinging the DHCP Server, pinging other workstations on the 192.168.1.x network, getting out to the internet and all tests were successful. They wanted as little impact as possible to the network as we could not bring down the network, there was no available time outside of normal operating hours, and they have a lot of old equipment/software that could possibly have issues with a network change. The 192.168.3.x range is just going to be extra addresses they have just in case they have some ridiculous growth before they upgrade their 10+ year-old hardware/software. They have approximately 60 VMs that will hopefully be decommissioned in the next 6 months, so they will get 60 IPs back in their original 192.168.1.x range.
0
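The following Python sketch is an added example, not part of any post in this thread. It checks the two options discussed above (widening 192.168.1.0/24 with mask 255.255.254.0, or adding a 192.168.3.x scope) against Site B's 192.168.2.0/24, and flags a statically addressed host whose mask was left at /24 after the change; the function names and the two host addresses in the demo are constructed for illustration.

```python
import ipaddress

# Networks named in the thread.
SITE_A_OLD = ipaddress.ip_network("192.168.1.0/24")
SITE_B = ipaddress.ip_network("192.168.2.0/24")
NEW_SCOPE = ipaddress.ip_network("192.168.3.0/24")


def widen(net, new_prefix):
    """Return the supernet of `net` at `new_prefix` and its first/last usable host."""
    sup = net.supernet(new_prefix=new_prefix)
    return sup, sup.network_address + 1, sup.broadcast_address - 1


def conflicts(candidate, in_use):
    """List the in-use networks that a candidate network overlaps."""
    return [n for n in in_use if candidate.overlaps(n)]


def on_link(host_if, peer):
    """True if a host configured as `host_if` (ip/prefix) treats `peer` as on-link."""
    return ipaddress.ip_address(peer) in ipaddress.ip_interface(host_if).network


def mask_mismatch(static_host, peer, new_prefix):
    """True if `peer` is on-link under the new prefix but not under the host's
    stale mask, so the host sends that traffic to its gateway instead of directly."""
    iface = ipaddress.ip_interface(static_host)
    updated = f"{iface.ip}/{new_prefix}"
    return on_link(updated, peer) and not on_link(static_host, peer)


if __name__ == "__main__":
    sup, first, last = widen(SITE_A_OLD, 23)
    print(sup, first, last, conflicts(sup, [SITE_B, NEW_SCOPE]))
    # Going one bit further would swallow Site B and the 192.168.3.x scope.
    wider, _, _ = widen(SITE_A_OLD, 22)
    print(wider, conflicts(wider, [SITE_B, NEW_SCOPE]))
    # Constructed hosts: a static device still on /24, a client leased from the new half.
    print(mask_mismatch("192.168.1.50/24", "192.168.0.77", 23))
```
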